1.0.1 – updated 2014-05-10
I wasn’t able to find much discussion about people running pfSense and using the blacklists from Squidblacklist.org so I looked into it and saw that the pfSense version of SquidGuard is not like the others. I use /usr/local/pkg/Squidguard as the folder to keep the two scripts and have a cron job call squidGuard_blacklist_download.sh every 24 hours.
SquidGuard must be configured to use /tmp/sblupdate/dg-all.tar.gz as the Blacklist URL
Edit squidGuard_blacklist_download.sh and put in your username and password into the fetch URL or the blacklist wont download
Tested with squidGuard-devel 1.5_1.1 beta and squidGuard 1.4_4 pkg v.1.9.6 platform: 1.1 running on pfSense 2.1.5
If you have used the older package called pfBlocker you’ll want to install this package on 2.2+ as it has a built in updater to keep the Geo IP database current. Available from System \ Packages
2016-07-18 – pfBlockerNG 2.1 with TLD has been released- https://github.com/pfsense/FreeBSD-ports/pull/156
Full thread about the update is https://forum.pfsense.org/index.php?topic=115357.0
IP address suppression and reputation system
Alerts tab shows what has been blocked
If you are having issues removing pfBlocker a script is available that will clean up any remaining pfBlocker code. This is very useful if you restored to a previous config that was made while pfBlocker was installed.
Another script to help build your blocklists has been created here this will populate your IPv4 alias\list config with many free publicly available block lists.
Other blocklists worth mentioning are
TEK411.com created a video on pfBlockerNG called PfSense 2.2.x Packages – PfBlockerNG – Next Generation
Note: pfBlocker is for pfSense 2.1.x and pfBlockerNG is for 2.2.x these are two different packages by different developers.
Johannes B. Ullrich, Ph.D. from SANS ISC has put together an experimental PHP script to submit logs from pfSense to DShield.
Shalla’s Blacklist contains over 1.7 million enteries that can be used with SquidGuard or Dansguardian. This script will download the Shallalist and extract it into /tmp/shallalist to be used with pfBlockerNG’s DNSBL feature. Throw it in a cron job that runs once a day and add local links to an alias in DNSBL . Example /tmp/shallalist/adv/domains